Comments on: Coming soon to squarefree.com

By: michaell

michaell — Wed, 30 Nov -0001 00:00:00 +0000

Your previous demos of novel attacks have been great, and have prompted discussion and fixes, so that’d be my choice.

I think there’s already enough known low-priority Firefox security issues, and I can’t see much changing before 1.1, so I’m not sure making that list is so important. The other tips would be good, but it depends if you can get anyone to read them ;)

And not on the list as such, but probably overlapping, so if you need another project… I keep seeing requests for a document explaining why Firefox/Mozilla’s design gives better security than IE’s. Currently we have vague hand-waving in the Firefox marketing stuff, and we have a selection of short documents, spread in different places, written for developers, but nothing between. You’re probably the person most capable of writing such a thing, and you’ve got bits of it already.

By: Papuass

Papuass — Wed, 30 Nov -0001 00:00:00 +0000

*A list of some of Firefox’s weaknesses, design elements that can lead to security holes.

This one could be useful.

By: weev

weev — Wed, 30 Nov -0001 00:00:00 +0000

“A novel attack against something that was proven secure using a what I think is a poor definition of security.”

I always like to see innovative exploitation.

By: dolphinling

dolphinling — Wed, 30 Nov -0001 00:00:00 +0000

It depends. Have you already solved problem #2 in polynomial time?

By: Sander

Sander — Wed, 30 Nov -0001 00:00:00 +0000

# A list of some of Firefox’s weaknesses, design elements that can lead to security holes.
# Security tips for Firefox developers and extension developers (current version).

Yes please! (Not that the other subjects don’t look interesting, but these I’d be most interested in.)

By: Ian

Ian — Wed, 30 Nov -0001 00:00:00 +0000

None of the above.

You have almost missed your calling in life.

More lists please.

Lucky I had finished my beer otherwise I would have choked when I laughed.